“Regulation remains the greatest challenge.”

The following blog post was written by Tim Stockschläger, Security Token expert, for our whitepaper “Secondary Markets for Security Token”. The whitepaper is part of a series titled “STO 101: Anatomy and Context of Security Token Offerings”. More information on this series can be found here.


Anyone who hears about blockchain and finance today primarily thinks of cryptocurrencies. The field of digital securities is still in its infancy. The advantages are obvious:

  1. Fewer intermediaries mean fewer fees for all market participants
  2. More efficient transactions
  3. Round-the-clock tradability and much more

However, the supply of corresponding digital trading venues for such securities or Security Tokens is still very limited or de facto non-existent.

Why is that? This is the question we will look at. After the hype surrounding ICOs (Initial Coin Offerings) in 2017 and 2018, disillusionment initially set in, as many token holders lost their funds or the companies simply disappeared. ICOs were also never intended as investments but were used by many people for that purpose. The technical possibilities of ICO have shown that there is a lot of interest in trading digital assets. So how about using these technical innovations for legally compliant securities and other digital assets? While the trading of normal tokens is very simple and not very sophisticated due to a lack of regulation, a comparable trading of Security Tokens or digital assets has not yet been established. What has made ICOs so successful – at least for a short time – is precisely the following idea:

While some of these trading venues carried a brief valuation of the companies/tokens, in principle, almost any token could be listed – there were no legal specifications, requirements, or supervision. Anyone could buy and sell these tokens at low transaction costs, with virtually no minimum investment and from anywhere in the world. How can these technical advantages be transferred into a regulated environment, and what challenges arise in the process? Companies can issue tokens for financing and then sell these tokens on a (decentralized) trading venue for secondary trading.



Anyone who has ever wanted to acquire a share knows how strongly prices can be manipulated with a buy or sell order. Supply and demand are not always constant, and trading volumes can quickly come to a standstill during crises. We have looked at the volume of Security Tokens in Europe. Here we have considered all Security Tokens which, according to their own statements, classify themselves in this way, without going too deeply into the subject, what are objectively security vs. utility tokens in the sense of regulation (e.g., Howey Test). The volume of self-declared Security Tokens, especially in Europe, is often in the single-digit million range. In comparison, the market capitalization of small caps in regular stock exchange trading is many times higher. From this, it is easy to see the challenge for liquid trading when regular second-line stocks already show too little liquidity in some cases.



In addition to liquidity, profitability is also a critical factor for success. Centralized trading venues that want to trade Security Tokens (or digital assets) fully in the legal sense would probably also have to fully comply with the regulatory requirements at present (i.e. MiFID II, etc.). These requirements imply a very high bureaucratic effort. A high level of bureaucracy in turn means high administrative costs, which would have to be passed on to the individual tokens.

Fig. 1: Legal compliance leads to low profitability for Security Token secondary markets


The costs would therefore have to be recovered through a listing or trading fees. In addition, there are the general costs for marketing, operation, technical development, etc. For this reason, the operation of a trading platform, which complies with the usual regulation is often only interesting for larger volumes. The much-cited idea that Security Tokens are a lucrative alternative for startups and smaller SMEs cannot be supported from the perspective of tradability. In fact, a regulated trading exchange for genuine Security Tokens would have to comply with the same regulations as a traditional securities exchange. If this was the case, many of the reasons for using a Security Token would fall aside.


Customer verification (KYC)

As a rule, regulators (i.e. supervisory authorities) require identification from each investor by means of picture or video identification. A potential investor must identify himself by video. This is done at most traditional banks and marketplaces via external service providers who take over the digital identification, e.g. via video. Once identified, an investor can only invest on the platform or with the provider. The identification is important for compliance with regulations to combat money laundering and terrorist financing. Depending on the country, the platforms must meet different requirements for identification. This is one of the major differences between regulated Security Tokens and traditional ICOs, where the token holder is not known. This also results in a technical challenge of why Security Tokens are not so easily tradable. There is a lack of uniform standards to sell a Security Token in a trading venue and at the same time ensure that the potential buyer has also undergone authentication. Furthermore, it is often not sufficient if the buyer is only identified, but, depending on the jurisdiction, the personal data must also be communicated to the company issuing the token. There is currently a lack of technical protocols in this case. One way to decentralize the service would be that ID providers are listed for one platform and pay for each identification would receive a fee for each transaction. However, this would mean that an investor would have to pay for this identification. The provider would then issue a kind of “verifiable credential”, which is used for identification purposes. Such a “verifiable credential” could be in a JSON data format and would thus be relatively easy to transfer between different platforms and could be interpreted platform-independently. The developments in the area of “verifiable credentials” is an exciting topic that will facilitate decentralized trading in the future.


Regulation remains the greatest challenge

There are already many countries that have set themselves the task to find a regulation for blockchain applications, and are already in the process of implementing it, or have already established certain regulations. Unfortunately, it does not currently look as if there will be much change for smaller SMEs in the short term. In short, the rules in Europe will remain as they are known from regulated share trading. But let’s look at the regulatory challenges in detail. The reason for this is simple: the digital securities (or Security Tokens) fall under the regulation of the corresponding classic securities or financial instruments under MiFID II (Directive on Markets in Financial Instruments) in many countries. This is understandable, as the Security Tokens are meant to represent securities. This was just a differentiating feature between Security Tokens and Utility Tokens. The latter did not claim to convey legal certainty. For this reason, financial market laws for trading venues are generally applicable to the transfer of Security Tokens. MiFID II also requires a legal entity to be the manager of the trade, so a decentralization of a digital securities marketplace seems unrealistic at present. These legal entities (firms) must be authorized to trade within the framework of MiFID II. The regulation in turn has the consequence that certain reporting guidelines (e.g. insider trading) must be adhered to, and continuous audits take place. This is likely to be the case with a fully decentralized system. For issuers of a Security Token sales on a regulated market are often subject to publication requirements, so that (analogous to the stock exchange) quarterly figures, ad-hoc news, etc. must be published accordingly. This can affect “smaller” companies without a dedicated investor relations department that can quickly become overwhelmed. The European Commission’s proposal for Regulation of Crypto Asset Markets (MiCA) is a regulatory framework that has been developed to help regulate the currently uncovered crypto-assets and their service providers in the EU and to establish, by 2024, a uniform licensing system across all Member States.

Provided MiCa is adopted, it will apply directly to all EU member states and companies wishing to offer services in the EU. MiCa is therefore intended to provide secure access to cryptocurrencies and tokens and enable innovative technologies in a legal framework. Germany has also taken an important step in regulating digital securities with the Electronic Securities Act (eWpG) that has been introduced. Tokenized bearer bonds, for example, can be entered into an electronic securities register and thus “dematerialized.” Issuers are thus given an alternative to the physical securities certificate, which greatly facilitates the trading of digital securities.

The Principality of Liechtenstein independently promoted technology-neutral legislation at an early stage, making it a favored location in Europe for blockchain startups. With the much-cited Token Law (TVTG), Liechtenstein has introduced legal certainty for tokenized assets: civil law for tokens, creation of digital securities (shares, bonds, fund units etc.), and also the segregation of tokens in the event of bankruptcy. The treatment in case of bankruptcy is still pending in many countries and is crucial for many investors, as token issuers can not simply disappear, as has unfortunately happened in the past. Nevertheless, even in Liechtenstein, automatic trading is not (yet) quite so easily possible. One reason for this is explained by Thomas Dünser (Head of the Staff Office for Financial Center Innovation in Liechtenstein) as follows:

“In Europe, a central securities depository is necessary. Depending on the implementation of the token trading venue a central securities depository is not necessary from a technical point of view, i.e., its core functions are performed by the blockchain fulfilled directly. An existing central securities depository would have to introduce a completely new system for Security Tokens, which is associated with high costs and regulatory uncertainties. The requirements for a new central securities depository on a blockchain basis are very high and not worthwhile for most projects.”

At the end of the day, if the same rules apply to smaller SMEs for digital securities on the blockchain as they do for publicly traded corporations, where are the benefits of digital tokens? The answer is, as of today, unfortunately, still sobering. Thomas Dünser explains:

“In active secondary trading (according to MiFID), there are actually few advantages at present. The cost advantages are offset again by the requirements for intermediaries. In the case of bulletin board platforms, the advantages are definitely available, but with limited trading functionality.”

Bulletin board platforms are platforms that technically enable the trading of Security Tokens. The difference to automated trading is that the participants have to find a concrete trading partner – like at a flea market. A seller shows his available goods (tokens) and a buyer can see them and buy them if he wants. This allows, at least in a certain framework, the trading of Security Tokens, but automation is a critical component for the further development of the industry.


A fully automated stock exchange with legal exemptions

It is understandable that legally the same rules apply if investors are to receive the same securities (as on the stock market). So basically, as Thomas Dünser says, “same business, same rules” applies. However, to ensure that smaller companies also benefit from automation, countries could create exceptions. Here, the technical possibilities and investor protection must always be weighed against each other. A recent amendment in the European Union, for example, considerably eased the documentation requirements for crowdfunding projects below EUR 5 million (depending on the country). Under certain conditions, companies can be partially exempted from the comprehensive (and thus also expensive) documentation obligation.

A corresponding exemption for a trade of Security Tokens up to certain thresholds would be a conceivable option. One reason that speaks against this is still investor protection. Many projects have collected money from investors, but then relatively quickly disappeared from the market, much to the annoyance of (private) investors. For this, understandable, reason, it makes sense not to interpret the exceptions too generously. After all, the focus of such an exemption would be primarily on small companies with a low turnover. So here we are talking about very young companies or even startups. In the case of startups, the situation is aggravated by the fact that statistically speaking, many go out of business within five years, which means a high risk of loss for investors. This is unfortunately experienced with (too) many projects with the acceptance of blockchain technology for such processes. In many cases, startups were able to raise funds too easily. So it always remains a balancing of technical possibilities and legal framework conditions. Alternatively, digital securities would be conceivable for smaller (established) SMEs that are perhaps “only” planning a capital increase or would like to raise borrowing. This would be a possible first step to establishing trading platforms in a secure framework and expanding it according to the experience gained.



There are already the first providers who want to implement shareholder meetings, voting and documentation on the basis of DLT. The move is intended to increase both transparency and efficiency. This would also have advantages for listed companies. In a final step, it would then be easier to link trading with various services, for example, and shareholders would be able to participate directly in votes and clearly identify their entitlements. This shows that the digitization of companies not only benefits small firms, but can make the entire process more transparent and efficient. In addition, there are already companies operating in the market – such as SIX, BSDEX or Archax, which are already working on regulated secondary markets in Europe. Many of these secondary markets are already live. However, it still takes some time until the adapted regulations are established in business practices and standards allow interoperability.


About the Author

Tim Stockschläger has been involved with blockchain technology and its applications for many years. After holding various positions at leading banks in Germany, he moved to the fintech industry, where he gained experience in fintech communication as Head of Marketing & Communication at io-Market and as Chief Marketing Manager at edeXa. Since 2018, Stockschläger has been advising companies from various industries at Finbiz in the area of Crowdfunding/ Token Sales, Investor Relations, and Marketing. Together with Dino Heinert, he has published the book “Security Token Crowdfunding”.

The articles available on the blog are for general information purposes only and are not a substitute for advice from lawyers, tax advisors or auditors in specific cases. 21.finance AG cannot assume any liability for the correctness, completeness and up-to-dateness of the content provided. This applies in particular to statements on legal standards and regulatory provisions. The information provided in this blog is neither an offer nor an invitation to purchase investments of any kind, nor a recommendation for investments associated with the content of the posts.